Lucene search
K

9391 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2026-098 (ALASECS-2026-098)

The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-098 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary...

10CVSS7.4AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.10 views

Amazon Linux 2 : python, --advisory ALAS2-2026-3185 (ALAS-2026-3185)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3185 advisory. When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be...

6CVSS6.5AI score0.0055EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.8 views

Amazon Linux 2 : qemu, --advisory ALAS2-2026-3182 (ALAS-2026-3182)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3182 advisory. A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a...

5.1CVSS5.3AI score0.00114EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.9 views

Amazon Linux 2 : libpng, --advisory ALAS2-2026-3189 (ALAS-2026-3189)

The version of libpng installed on the remote host is prior to 1.5.13-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3189 advisory. libpng: An out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogra...

8.3CVSS6.9AI score0.00955EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.7 views

Amazon Linux 2023 : libpng, libpng-devel, libpng-static (ALAS2023-2026-1463)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1463 advisory. libpng: An out-of-bounds read vulnerability exists in the pngsetquantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maxim...

8.3CVSS6.8AI score0.00955EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.6 views

Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2026-1464)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1464 advisory. node-tar is a Tar for Node.js. The node-tar library = 7.5.2 fails to sanitize the linkpath of Link hardlink and SymbolicLink entries when preservePaths is false the default secure behavior. Th...

8.8CVSS6.7AI score0.00334EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.7 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3177 (ALAS-2026-3177)

The version of thunderbird installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3177 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type...

6.8CVSS5.8AI score0.00291EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.8 views

Amazon Linux 2 : gegl, --advisory ALAS2-2026-3183 (ALAS-2026-3183)

The version of gegl installed on the remote host is prior to 0.2.0-19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3183 advisory. The rgbereadnewrle function in gegl/libs/rgbe/rgbe.c has a heap buffer overflow vulnerability during HDR image parsing that...

7.8CVSS7.6AI score0.00615EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.5 views

Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2026-1452)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1452 advisory. Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, n out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1. CVE-2026-2599...

8.6CVSS6.1AI score0.00367EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.5 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1445)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1445 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack...

6.8CVSS5.8AI score0.00291EPSS
Exploits0References4
Amazon
Amazon
added 2026/03/06 12:0 a.m.6 views

Medium: ecs-init

Issue Overview: The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content. CVE-2025-47911 The html.Parse function in golang.org/x/net/html has an...

10CVSS7.2AI score0.01945EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.8 views

Amazon Linux 2023 : postgresql16, postgresql16-contrib, postgresql16-llvmjit (ALAS2023-2026-1458)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1458 advisory. Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of...

8.8CVSS6.3AI score0.01208EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1466)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1466 advisory. node-tar is a Tar for Node.js. The node-tar library = 7.5.2 fails to sanitize the linkpath of Link hardlink and SymbolicLink entries when preservePaths is false the default secure behavior. Th...

8.8CVSS6.3AI score0.00541EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.6 views

Amazon Linux 2 : runc, --advisory ALAS2ECS-2026-099 (ALASECS-2026-099)

The version of runc installed on the remote host is prior to 1.3.4-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-099 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP...

10CVSS7.2AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.9 views

Amazon Linux 2 : evolution-data-server, --advisory ALAS2-2026-3179 (ALAS-2026-3179)

The version of evolution-data-server installed on the remote host is prior to 3.28.5-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3179 advisory. The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used ...

5.6CVSS5.9AI score0.00189EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.12 views

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-053 (ALASFIREFOX-2026-053)

The version of firefox installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-053 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. Th...

8.8CVSS6.1AI score0.006EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.15 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3190 (ALAS-2026-3190)

The version of thunderbird installed on the remote host is prior to 140.7.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3190 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This...

8.8CVSS6.1AI score0.006EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

Amazon Linux 2023 : cuda-toolkit-13 (ALAS2023NVIDIA-2026-276)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-276 advisory. NVIDIA Nsight Systems contains a vulnerability in the gfxhotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the processnsysrepcli.py script if...

7.3CVSS5.9AI score0.01185EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.8 views

Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL14-2026-022 (ALASPOSTGRESQL14-2026-022)

The version of postgresql installed on the remote host is prior to 14.21-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2026-022 advisory. Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server...

8.8CVSS6.4AI score0.01208EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.37 views

Amazon Linux 2 : qt5-qt3d, --advisory ALAS2-2026-3187 (ALAS-2026-3187)

The version of qt5-qt3d installed on the remote host is prior to 5.15.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3187 advisory. A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the functi...

8.8CVSS5.8AI score0.00482EPSS
Exploits2References6
Rows per page
Query Builder